package com.rt.cloud.gateway.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;



@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //http.cors().and().csrf().disable();

        http
                .authorizeRequests()
                // denyAll 认证服务器内部调用
                // 内部访问的服务方法，使用innerService路径，拒绝外网访问
                .antMatchers("/**/innerService/**").denyAll()
                .antMatchers("/core/_auth/**").denyAll()
                .antMatchers("/core/oauth/token_key").denyAll()
                .antMatchers("/core/oauth/check_token").denyAll()
                //.antMatchers("/auth/oauth/token_key").denyAll()
                //.antMatchers("/auth/oauth/check_token").denyAll()
                // swagger
                .antMatchers("/**").permitAll()
                .anyRequest().authenticated()
        ;

        // 禁用csrf
        http.csrf().disable();

    }


}
